[strongSwan] Pre-shared secret and digital certificate simultaneously
karthik kumar
kumarkarthikn at gmail.com
Tue Feb 13 17:26:23 CET 2018
You can have server (responder) authenticate itself using certificate and
client (initiator) authenticate using PSK
something like this,
client
leftauth=secret
rightauth=pubkey
server
leftauth=pubkey
rightauth=secret
Yes you put both the entries in ipsec.secrets
: RSA <your_private_key>
: PSK <your secret>
Thanks
On Wed, Feb 7, 2018 at 6:33 AM, Newton, Benjamin David <bdnewto at sandia.gov>
wrote:
> Can anyone tell me if strongswan is able to support Authentication using
> both a pre-shared secret and a digital certificate simultaneously?
>
>
> If so, can you give me any pointers on how to configure such a connecton?
> Do you keep authby=secret line? Do you put both entries in the
> ipsec.secrets file?
>
>
> Thanks,
>
> Ben Newton
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180213/288ba58e/attachment.html>
More information about the Users
mailing list